Skip to main content
The Register has an article this morning about a new form of malware that maintains infection on machines and steals data without installing files. The malware is persistant through even after reboot. The malware resides in the computer registry only, yet isn't visible using RegEdit. Anyway, is webroot aware of this new malware and can webroot protect against it?

 

The Register's article is here: http://www.theregister.co.uk/2014/08/04/registryinfecting_rebootresisting_malware_has_no_files/

 

Gdata Security Blog on it: https://blog.gdatasoftware.com/blog/article/poweliks-the-persistent-malware-without-a-file.html

 

 
I did see that article and check with our threat team.  They said that we'd pick up the Word doc trying to modify the registry as a suspicious activity, preventing it from getting installed in the first place.

Reply